It hides in the boot sector which usually isn’t reformatted unless you do it using 3rd party tools. You’d probably have to run like a fdisk /mbr to clean it the old fashioned way.
Yes, I did that on one of the Dell Optiplex 755 computers which was compromised again after performing a typical high level format and reinstallation of MS Windows XP. This was the system where the FBI Ransomware disabled access to the AMI BIOS setup. Naturally, it is suspected the malware has hidden in an area of the hard drive which requires a low level format and other special nati-malware disinfection, or the malware has hidden itself in the BIOS firmware.
My or our current bet in this instance is an infection of the BIOS firmware. We’re going to attempt to remove the system board battery to power down the firmware to see if that clears any malware infection in that hiding place. That is a future to do project...not something I can afford to spend time on at present.